Pages

Tuesday, 6 October 2015

Criminals Steal 11,000 Passwords Through Outlook Server

Criminals have by infecting an Outlook mail server of a US company more than 11,000 passwords associated with user names managed to steal. That security Cybereason said in a report (pdf). What company will be concerned was not disclosed.

In the attack, the attackers had a rogue module to the Microsoft Outlook Web Application (OWA) is added, the webmail server where the company made use of. The attackers were able to save all log data through the module. In addition, the module also served as a back door. The company attacked OWA used to give remote users access to Outlook.

According to the security company made this configuration, OWA ideal attack platform, because the server was exposed both internally and externally. Because OWA authentication domain passwords is based, an attacker with access to the OWA server can get your hands on as the domain passwords for the entire organization. The module was found to have more than 11,000 passwords stored. How not know the OWA server initially could become infected Cybereason late.